CVE-2023-43830

Published
View on NVD ↗
CVSS v3
5.4
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

A Cross-site scripting (XSS) vulnerability in /panel/configuration/financial/ of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into several fields: 'Minimum deposit', 'Maximum deposit' and/or 'Maximum balance'.

al3zx/xss_financial_subrion_4.2.1
al3zx/xss_financial_subrion_4.2.1
XSS in financial page in Subrion 4.2.1
GitHubGitHub